[openssl] openssl-3.0 update

tomas at openssl.org tomas at openssl.org
Tue Feb 8 14:23:15 UTC 2022


The branch openssl-3.0 has been updated
       via  53234cb0f408bbfbb04ea0e12f1fc61feb2aa600 (commit)
      from  db40ffab8dbf3ae0e932bb737ff787c6c1eb3ca2 (commit)


- Log -----------------------------------------------------------------
commit 53234cb0f408bbfbb04ea0e12f1fc61feb2aa600
Author: Jiasheng Jiang <jiasheng at iscas.ac.cn>
Date:   Sat Feb 5 18:00:51 2022 +0800

    rsa: add check after calling BN_BLINDING_lock
    
    As the potential failure of getting lock, we need to check the return
    value of the BN_BLINDING_lock() in order to avoid the dirty data.
    
    Signed-off-by: Jiasheng Jiang <jiasheng at iscas.ac.cn>
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17642)
    
    (cherry picked from commit aefbcde29166caf851cf388361d70fd0dcf17d87)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rsa/rsa_ossl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
index c417a4b8f6..de4a580032 100644
--- a/crypto/rsa/rsa_ossl.c
+++ b/crypto/rsa/rsa_ossl.c
@@ -213,7 +213,9 @@ static int rsa_blinding_convert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind,
          */
         int ret;
 
-        BN_BLINDING_lock(b);
+        if (!BN_BLINDING_lock(b))
+            return 0;
+
         ret = BN_BLINDING_convert_ex(f, unblind, b, ctx);
         BN_BLINDING_unlock(b);
 


More information about the openssl-commits mailing list